Posted 17 July 2009 - 12:26 PM
Posted 17 July 2009 - 12:30 PM
Posted 17 July 2009 - 12:49 PM
I had a rootkit (uacutil.dll) which I removed with the help of Bleeping Computer (many thanks JAT90!). At first I thought I would re-format after the rootkit was "removed," but that turns out to be impractical. I know that there is no absolute assurance that the computer will not continue to have security risks associated with its use, but short of re-formatting, what can I do to ensure, to the best possible extent, that the rootkit is really gone? Ad-aware, Spybot and McAfee all now say that the computer is clean.
Rootkits are very dangerous because they compromise system integrity by making changes that allow it to be used by the attacker for malicious purposes. Many rootkits can hook into the Windows 32-bit kernel, and patch several APIs to hide new registry keys and files they install. Remote attackers use backdoors as a means of accessing and taking control of a computer that bypasses security mechanisms. This type of exploit allows them to steal sensitive information like passwords, personal and financial data which is sent back to the hacker.
Although the rootkit was identified and removed, your PC has likely been compromised and there is no way to be sure the computer can ever be trusted again. It is dangerous and incorrect to assume that because this malware has been removed the computer is now secure.
Posted 17 July 2009 - 01:13 PM
Posted 17 July 2009 - 03:08 PM
Posted 17 July 2009 - 03:15 PM
Posted 17 July 2009 - 06:11 PM
Posted 18 July 2009 - 01:41 AM
I have Spybot and Ad-aware, but they do not run automatically in my current setup.
Posted 18 July 2009 - 08:43 AM